Ive encountered a issue when preparing for ipa migration.
On the source ipa server.
ipa-replica-prepare newipaserver.example.com --ip-address x.x.x.x
Directory Manager (existing master) password:
Preparing replica for newipaserver.example.com from oldipaserver.example.com
preparation of replica failed: cannot connect to u'ldaps://oldipaserver.example.com:7390': LDAP Server Down
cannot connect to u'ldaps://oldipaserver.example.com:7390': LDAP Server Down
File "/usr/sbin/ipa-replica-prepare", line 529, in <module>
main()
File "/usr/sbin/ipa-replica-prepare", line 391, in main
update_pki_admin_password(dirman_password)
File "/usr/sbin/ipa-replica-prepare", line 247, in update_pki_admin_password
bind_pw=dirman_password
File "/usr/lib/python2.6/site-packages/ipalib/backend.py", line 63, in connect
conn = self.create_connection(*args, **kw)
File "/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py", line 846, in create_connection
self.handle_errors(e)
File "/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py", line 736, in handle_errors
error=u'LDAP Server Down').
Ive also encountered the same issue on a test environment, but i cant fully reproduce the circumstances.
ipactl restart had no effect.
# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
DNS Service: RUNNING
MEMCACHE Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING
Seems like a known issue but i cant find a solution.
preparation of replica failed
Re: preparation of replica failed
Is anything listening on port 7390 of oldipaserver? Is it on other than localhost? Is the firewall open for that port?
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Re: preparation of replica failed
No i checked and also tried just stop iptables.
Same with selinux.
In regard to whats listening on that port no only ldap
netstat -plnt | grep 73*
tcp 0 0 0.0.0.0:5672 0.0.0.0:* LISTEN 3002/qpidd
tcp 0 0 0.0.0.0:749 0.0.0.0:* LISTEN 25476/kadmind
tcp 0 0 0.0.0.0:48781 0.0.0.0:* LISTEN 1797/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1775/rpcbind
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 25476/kadmind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 29030/named
tcp 0 0 0.0.0.0:726 0.0.0.0:* LISTEN 25218/ns-slapd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2616/cupsd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 29030/named
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2949/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 28592/sshd
tcp 0 0 :::7389 :::* LISTEN 25287/ns-slapd
tcp 0 0 :::7390 :::* LISTEN 25287/ns-slapd
tcp 0 0 ::ffff:127.0.0.1:9701 :::* LISTEN 26001/java
tcp 0 0 :::9447 :::* LISTEN 26001/java
tcp 0 0 :::35655 :::* LISTEN 1797/rpc.statd
tcp 0 0 :::5672 :::* LISTEN 3002/qpidd
tcp 0 0 :::749 :::* LISTEN 25476/kadmind
tcp 0 0 :::111 :::* LISTEN 1775/rpcbind
tcp 0 0 :::464 :::* LISTEN 25476/kadmind
tcp 0 0 :::726 :::* LISTEN 25218/ns-slapd
Same with selinux.
In regard to whats listening on that port no only ldap
netstat -plnt | grep 73*
tcp 0 0 0.0.0.0:5672 0.0.0.0:* LISTEN 3002/qpidd
tcp 0 0 0.0.0.0:749 0.0.0.0:* LISTEN 25476/kadmind
tcp 0 0 0.0.0.0:48781 0.0.0.0:* LISTEN 1797/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1775/rpcbind
tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 25476/kadmind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 29030/named
tcp 0 0 0.0.0.0:726 0.0.0.0:* LISTEN 25218/ns-slapd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2616/cupsd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 29030/named
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2949/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 28592/sshd
tcp 0 0 :::7389 :::* LISTEN 25287/ns-slapd
tcp 0 0 :::7390 :::* LISTEN 25287/ns-slapd
tcp 0 0 ::ffff:127.0.0.1:9701 :::* LISTEN 26001/java
tcp 0 0 :::9447 :::* LISTEN 26001/java
tcp 0 0 :::35655 :::* LISTEN 1797/rpc.statd
tcp 0 0 :::5672 :::* LISTEN 3002/qpidd
tcp 0 0 :::749 :::* LISTEN 25476/kadmind
tcp 0 0 :::111 :::* LISTEN 1775/rpcbind
tcp 0 0 :::464 :::* LISTEN 25476/kadmind
tcp 0 0 :::726 :::* LISTEN 25218/ns-slapd
Re: preparation of replica failed
Then you either have the wrong port number or whatever it is that should be listening there is not.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke